1. Home
  2. EC-COUNCIL
  3. 412-79V10

EC-Council Certified Security Analyst (ECSA) V10

Exam Details

  • Exam Code
    :412-79V10
  • Exam Name
    :EC-Council Certified Security Analyst (ECSA) V10
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :201 Q&As
  • Last Updated
    :Mar 31, 2025

EC-COUNCIL EC-COUNCIL Certifications 412-79V10 Questions & Answers

  • Question 111:

    Logs are the record of the system and network activities. Syslog protocol is used for delivering log information across an IP network. Syslog messages can be sent via which one of the following?

    A. UDP and TCP

    B. TCP and SMTP

    C. SMTP

    D. UDP and SMTP

  • Question 112:

    Choose the correct option to define the Prefix Length.

    A. Prefix Length = Subnet + Host portions

    B. Prefix Length = Network + Host portions

    C. Prefix Length = Network + Subnet portions

    D. Prefix Length = Network + Subnet + Host portions

  • Question 113:

    When you are running a vulnerability scan on a network and the IDS cuts off your connection, what type of IDS is being used?

    A. Passive IDS

    B. Active IDS

    C. Progressive IDS

    D. NIPS

  • Question 114:

    Which one of the following is false about Wireshark? (Select all that apply)

    A. Wireshark offers some options to analyze the WEP-decrypted data

    B. It does not support decrypting the TKIP or CCMP packets

    C. In order for Wireshark to decrypt the contents of the WEP-encrypted packets, it must be given the appropriate WEP key for the network

    D. Packet Sniffer Mode

  • Question 115:

    The Internet is a giant database where people store some of their most private information on the cloud, trusting that the service provider can keep it all safe. Trojans, Viruses, DoS attacks, website defacement, lost computers, accidental publishing, and more have all been sources of major leaks over the last 15 years.

    What is the biggest source of data leaks in organizations today?

    A. Weak passwords and lack of identity management

    B. Insufficient IT security budget

    C. Rogue employees and insider attacks

    D. Vulnerabilities, risks, and threats facing Web sites

  • Question 116:

    A chipset is a group of integrated circuits that are designed to work together and are usually marketed as a single product." It is generally the motherboard chips or the chips used on the expansion card. Which one of the following is well supported in most wireless applications?

    A. Orinoco chipsets

    B. Prism II chipsets

    C. Atheros Chipset

    D. Cisco chipset

  • Question 117:

    John, the penetration testing manager in a pen testing firm, needs to prepare a pen testing pricing report for a client.

    Which of the following factors does he need to consider while preparing the pen testing pricing report?

    A. Number of employees in the client organization

    B. Complete structure of the organization

    C. Number of client computers to be tested and resources required to perform a pen test

    D. Number of servers available in the client organization

  • Question 118:

    Network scanning is used to identify the available network resources. Which one of the following is also known as a half-open scan, because a full TCP connection is never completed and it is used to determine which ports are open and listening on a target device?

    A. SYN Scan

    B. TCP Connect Scan

    C. XMAS Scan

    D. Null Scan

  • Question 119:

    A firewall protects networked computers from intentional hostile intrusion that could compromise confidentiality or result in data corruption or denial of service. It examines all traffic routed between the two networks to see if it meets certain criteria. If it does, it is routed between the networks, otherwise it is stopped.

    Why is an appliance-based firewall is more secure than those implemented on top of the commercial operating system (Software based)?

    A. Appliance based firewalls cannot be upgraded

    B. Firewalls implemented on a hardware firewall are highly scalable

    C. Hardware appliances does not suffer from security vulnerabilities associated with the underlying operating system

    D. Operating system firewalls are highly configured

  • Question 120:

    Which of the following attacks does a hacker perform in order to obtain UDDI information such as businessEntity, businesService, bindingTemplate, and tModel?

    A. Web Services Footprinting Attack

    B. Service Level Configuration Attacks

    C. URL Tampering Attacks

    D. Inside Attacks

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 412-79V10 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.